Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/6B204056C38D11EFAE10CD9A762E951A.roa
File: 6B204056C38D11EFAE10CD9A762E951A.roa (raw, json)
Hash identifier: NwOfXRDxfhPvOsouA7qcwapRG0YwO1k/ZwU7Ac4wOJw=
Subject key identifier: 09:D4:FA:7F:3D:ED:04:47:4E:B8:18:C0:A3:D8:55:BC:28:D8:F4:DA
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: ECC3
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/6B204056C38D11EFAE10CD9A762E951A.roa
Signing time: Thu 26 Dec 2024 13:29:23 +0000
ROA not before: Thu 26 Dec 2024 13:29:19 +0000
ROA not after: Sun 12 Dec 2027 13:29:19 +0000
asID: 17561
IP address blocks: 45.196.211.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60611 (0xecc3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 13:29:19 2024 GMT
Not After : Dec 12 13:29:19 2027 GMT
Subject: CN=676d5a33-dca7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:9c:94:a9:b4:05:69:c1:0b:ad:99:77:b5:42:
39:fe:8d:1b:be:b9:36:de:20:86:a2:27:9e:d0:92:
fd:d8:95:80:25:97:c8:d0:1c:67:70:c2:17:96:6f:
3b:82:ad:ab:4b:88:bc:a7:31:a3:82:b0:58:50:bf:
d0:3a:57:52:72:1a:c1:1a:f6:49:20:a0:c3:df:86:
b9:5d:6f:36:aa:d5:52:37:7c:a9:de:c6:9d:df:c5:
73:c5:44:7b:02:06:eb:25:01:70:9e:b3:3a:95:59:
8a:86:f9:f0:46:df:c5:f4:a9:93:2f:b9:26:67:47:
b0:9c:d1:9c:67:91:f1:11:dd:c6:d6:bf:a3:b7:6c:
6f:35:44:50:7e:39:7f:4f:b1:76:0f:86:49:8e:41:
c1:a2:cf:58:d2:72:1d:c9:9e:93:75:0b:1f:e5:dc:
1a:31:2c:07:5e:9d:89:27:d0:7a:78:66:76:b5:9b:
f8:ac:54:b9:54:6e:1d:87:02:db:a5:aa:72:bd:c2:
db:2b:28:69:a8:8f:a6:9d:4a:65:0c:65:49:e2:50:
1e:79:df:24:76:d0:40:5e:41:70:1b:0f:29:4e:c6:
66:eb:cd:11:0f:bc:a9:8f:a4:62:5f:4b:02:9e:61:
5b:88:1f:fb:c7:05:36:64:fe:64:ad:51:c7:d1:56:
7a:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:D4:FA:7F:3D:ED:04:47:4E:B8:18:C0:A3:D8:55:BC:28:D8:F4:DA
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/6B204056C38D11EFAE10CD9A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.196.211.0/24
Signature Algorithm: sha256WithRSAEncryption
ab:04:19:d5:af:a2:b8:80:0c:22:62:43:06:5f:df:34:1d:3d:
c4:e9:2e:a6:e6:29:c9:fc:9d:d5:cd:10:dc:04:94:b7:19:4b:
d8:c8:9b:dc:6a:2f:27:d7:ec:1c:f5:20:ab:c5:e7:15:6b:b7:
24:73:4d:11:2f:bf:3a:bf:b8:6b:e9:ba:ec:6f:51:b8:40:14:
14:8f:09:d8:7a:77:19:10:02:55:79:3c:9c:c0:af:02:c1:42:
63:62:b5:1a:6f:07:f5:eb:a5:ba:31:fc:c8:ff:6f:a6:9f:ad:
5f:5c:09:62:aa:85:2a:4a:39:d7:69:34:0e:88:f9:5c:a3:1c:
18:c3:02:bd:57:a8:59:ed:7e:f9:68:a0:90:df:c7:e9:3b:8a:
b8:7f:16:3f:80:f7:16:3d:d9:00:9d:f2:fd:b2:97:5b:74:8d:
b5:50:d9:ba:f3:ad:0e:b6:77:3b:be:05:7c:1d:88:e8:6f:9b:
8f:ac:fd:76:4b:1a:46:56:57:21:7a:b9:f9:ff:df:5b:2b:58:
69:81:94:a7:de:9c:7b:f4:28:ae:4b:cf:04:e1:cb:f5:39:38:
7c:04:18:63:20:37:00:c7:f9:14:45:4c:69:b1:a4:5f:d7:d7:
73:a9:23:0d:f1:59:82:c5:46:8c:5f:07:26:70:d9:72:6e:68:
8e:a2:e5:23
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOzDMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MTMyOTE5WhcNMjcxMjEyMTMyOTE5WjAYMRYw
FAYDVQQDEw02NzZkNWEzMy1kY2E3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAl5yUqbQFacELrZl3tUI5/o0bvrk23iCGoiee0JL92JWAJZfI0BxncMIX
lm87gq2rS4i8pzGjgrBYUL/QOldSchrBGvZJIKDD34a5XW82qtVSN3yp3sad38Vz
xUR7AgbrJQFwnrM6lVmKhvnwRt/F9KmTL7kmZ0ewnNGcZ5HxEd3G1r+jt2xvNURQ
fjl/T7F2D4ZJjkHBos9Y0nIdyZ6TdQsf5dwaMSwHXp2JJ9B6eGZ2tZv4rFS5VG4d
hwLbpapyvcLbKyhpqI+mnUplDGVJ4lAeed8kdtBAXkFwGw8pTsZm680RD7ypj6Ri
X0sCnmFbiB/7xwU2ZP5krVHH0VZ6KQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFAnU
+n897QRHTrgYwKPYVbwo2PTaMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82QjIwNDA1NkMzOEQxMUVGQUUxMENEOUE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcTTMA0GCSqGSIb3DQEBCwUA
A4IBAQCrBBnVr6K4gAwiYkMGX980HT3E6S6m5inJ/J3VzRDcBJS3GUvYyJvcai8n
1+wc9SCrxecVa7ckc00RL786v7hr6brsb1G4QBQUjwnYencZEAJVeTycwK8CwUJj
YrUabwf166W6MfzI/2+mn61fXAliqoUqSjnXaTQOiPlcoxwYwwK9V6hZ7X75aKCQ
38fpO4q4fxY/gPcWPdkAnfL9spdbdI21UNm6860Otnc7vgV8HYjob5uPrP12SxpG
Vlchern5/99bK1hpgZSn3px79CiuS88E4cv1OTh8BBhjIDcAx/kURUxpsaRf19dz
qSMN8VmCxUaMXwcmcNlybmiOouUj
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:49:16 2025 by rpki-client